The use of social networking sites and other peer-to-peer sites is drastically increasing. One key aspect of these sites is the exchange of data between users. In order to effectively exchange data, it is desirable for originating users to be able to verify the identity of a receiving user before allowing access to data controlled by the originating user. Stated another way, current embodiments of online social networks are susceptible to manipulation by users who would actively deceive other users to obtain private information, or worse, to lure naïve users into potentially dangerous situations.
Online communities, such as dating websites, forums, chat rooms, news groups, and adult websites, often present an opportunity for identity fraud, wherein a malicious user may misrepresent personal information to fellow users, including their age, marital status, employment status, and location, all for the purpose of portraying a carefully constructed facade to unsuspecting marks. Once the innocent user's trust has been gained, a savvy rogue may be able to extract valuable information concerning the user's finances, for example. Crafty philanderers may indicate in their online dating profile that they are unmarried, in order to pursue extramarital affairs. Teens may lie about their age, in order to gain access to content that is meant for more mature audiences.
Similarly, there is a desire to ensure the privacy of personal information. With respect to social networking sites in particular, such information is generally exchanged between users freely. Often times, information is published on such sites without any regard for whether the information is readily available to be seen by unwanted viewers. In an effort to control the number of users that may view information posted on social networking sites, systems have been developed for users to restrict access to their information. For example, a user may “accept or reject” a request from another user to view information. One issue that has arisen, however, is the ability of the posting user to verify the identity of a requesting user. In other words, it may be possible for a requesting user to be an imposter, who is impersonating another user, or who has set up a false account, in order to gain access to the responding user's account.
Some systems have been introduced in an attempt to compensate for such deficiencies. For example, U.S. Published Patent Application No. 2006/0277092 by Williams discloses a system and method for a peer-to-peer exchange of consumer information. The system includes a security component to authenticate a peer. The security component receives the peer's identity and verifies the identity. A service company may provide a public key infrastructure to verify the identity of a peer. Once authenticated with another peer, a peer may transmit and receive queries during a communications session, such as queries seeking certain consumer information.
Another type of system is disclosed in U.S. Published Patent Application No. 2005/0005168 by Dick, which discloses a method for creating a database of verified personal information. The method includes gathering information regarding individuals from one or more sources and storing that information. Authorized individuals may request to view the information over a wide area computer network. The authorized individuals may be allowed to review selected portions of the gathered information that is presented over the wide area computer network. Commentary from the authorized users on the accuracy of the information may be solicited and included in the database with information. Third parties do not have access to the database of verified personal information, but can verify information outside of the database.
Other existing solutions to identity verification issues include faxing, emailing or mailing copies of identity documents to processing centers, accessing personal credit information, or accessing public record information. These existing solutions come at a cost to users, both financially and in terms of privacy. Such solutions are also subject to fraud and to not, in many cases, ensure the actual user is the subject of the identity data being used in the transaction. The prior known identity solutions, used for the purpose of identity verification, allow peers to review and verify identity data anonymously, or function by using website accounts specifically created for the purposes of reviewing and commenting on the identity data submitted by other users. Those skilled in the art will appreciate that the known identity solutions are largely ineffective when used in an online environment.
One issue that still remains, however, is that information used for verification is gathered from public and private third-party databases, publications, public records and files on the Internet. Further, the above referenced systems do not leverage architecture that is already in place, from existing social networking websites, to access the subject individual's real-world social network, which would have knowledge of the subject. Accordingly, not only are the above-referenced systems expensive and cumbersome to carry out, but those systems are likely to have a certain level of associated unreliability.
The systems mentioned above do not allow users to control both the nature and depth of the information available in the database, because the user did not originally author the information. Again, since the information is gathered from public and private third-party databases, the user cannot truly be assured that the information they are receiving is trustworthy.